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- Extensions of time niay be available under the provisions of 37 CFR 1.136(a). In no event however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, nnay reduce any 
earned patent term adjustment See 37 CFR 1.704(b). 
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1)S Responsive to communication(s) filed on 09/30/2004 . 
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1 . This Office action is in response to Applicant's amendment 09/30/2004. The advisory 
office action mailed on 1 1/01/2004 has been withdrawn. 

2. Claims 1, 3-11, 13-16, 18-23, 25-29, 31-34, and 36-40 are pending. 

Claim Rejections - 35 USC § 103 
3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

4. Claims 1, 3-11, 13-16, 18-23, 25-29, 31-34, and 36-40 are rejected under 35 U.S.C. 102 

(b) as being unpatentable over Gasser et al. (U.S. Pat. No. 5,224,163) and Chang et al. (U.S. pat. 

No. 6,157,953) in view of Bowman- Amuah (U.S. Pat. No. 6,601,192).. 

As per claims 1, 3-11, 13-16, 20-23, 25-29, 31-34, and 38-40 Gasser substantially discloses a 
method/system for delegating authorization fi-om one entity in a distributed computing system to 
another for a computing session, wherein a session public/private encryption key pair is utilized 
for each computing session (which is readable as Applicant's claimed invention wherein it is 
stated that receiving from a delegator), comprising: 

receiving, from a delegator, a designation of a role and a delegate to assume the role (see., 
abstract, col 3, lines 7-48); 
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receiving, from a credential service provider, an indication that the designation is valid (see., 
abstract, col 3, lines 26-48, specifically wherein it is stated that if the user's name if found on the 
list next to the requested access, access will be granted, col 6, lines 33-66); and 
generating a delegation credential in response to receiving the indication (see., col 3, lines 7-48, 
specifically wherein it is stated that if the user's name if found on the list next to the requested 
access, access will be granted). The limitation wherein said send a message to the delegator 
indicating that the delegation credential has been assigned is also disclosed by Gasser in the 
abstract, col 3, lines 7-48, specifically wherein it is stated that delegating authorization from one 
entity in a distributed computing system. A private key (or encoded delegation) enables each 
entity to identify itself to other entities and to encode certain message. When a user requests 
access to a system resource, the user's name is compared to the resource's access control list. If 
the user's name if found on the list next to the requested access, access will be granted (granted 
or credential has been assigned. 

It is to be noted that Gasser fails to explicitly disclose the limitation wherein said sending the 
delegation credential to a verification service that compares the selected delegation credential to 
permissible delegation credentials. However, Chang discloses a method/apparatus of securing 
access to a service manager for the administration of services residing on multiple service host 
computers from an administration server computer. The service host computers for verification 
at the service hosts by examining data relating to user privileges (credentials verification) stored 
in the user profile data repository (see., absfract, col 3, lines 48-67, col 12, lines 1-43, col 13, 
lines 3-40). It would have been obvious to a person of ordinary skill in the art at the time the 
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invention was made to modify the teaching of Gasser by including the limitation detailed above 
as taught by Chang because this would control access and authentication of a user or delegator. 
Gasser and Chang fail to explicitly disclose Applicant's newly added limitation wherein said 
generating a report via the verification service regarding usage of the delegation credential. 
Bowman-Amuah discloses a report architecture within envirorunent services supports the 
generation and delivery of reports (see., abstract, col 1-col 78). Therefore, it would have been 
obvious to a person of ordinary skill in the art at the time the invention was made to modify the 
teaching of Gasser and Chang by including the limitation detailed above as taught by Bowman- 
Amuah because this would deliver service and control access of a user or delegator. 

As per claims 18, and 36, Gasser discloses the claimed method of storing the delegation 
credential in a database maintained by a delegation service provider (see., col 3, lines 7-15, 
specifically wherein it is stated that public key are stored with the entities names in a global 
naming service). 

As per claims 19, and 37, Gasser discloses the claimed method wherein identifying comprises 
checking a hash of the confirmation code to identify the delegator (see., col 5, lines 10-67, 
specifically wherein it is stated that RSA cryptography or has fiinction). 

RESPONSE TO ARGUMENTS 

5. Applicant's arguments filed on 09/30/2004 have been fiilly considered but they are moot in 
view of new ground (s) of rejection. Necessitated by amendment. 
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REMARKS 

6. In response to Applicant's arguments, Applicant argues that the prior art of record Gasser 
and Chang fail to disclose the recited feature wherein said "generating a report via the 
verification service regarding usage of the delegation credential". However, the newly found 
prior art Bowman-Amuah discloses a report architecture within environment services supports 
the generation and delivery of reports (see., abstract, col 1-col 78). Therefore, it would have 
been obvious to a person of ordinary skill in the art at the time the invention was made to modify 
the teaching of Gasser and Chang by including the limitation detailed above as taught by 
Bowman-Amuah because this would deliver service and control access of a user or delegator. 

Conclusion 

7. Any inquiry concerning this communication or earlier communications fi:om the 
examiner should be directed to Pierre E. Elisca whose telephone number is 703 305-3987. The 
examiner can normally be reached on 6:30 to 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, James Trammell can be reached on 703 305-9769. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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